• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • April 20th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Cyber Events
Cyber Attacks

Nissan Leaf Maybe At Threat Because of Vulnerable APIs

February 26th, 2016 Ali Raza Cyber Attacks, Security 0 comments
Nissan Leaf Maybe At Threat Because of Vulnerable APIs
Share on FacebookShare on Twitter
Security researchers show how an attacker can access Nissan Leaf electric car by exploiting vulnerability in APIs

By using the Application Program Interface or the list of protocols to be kept in mind while building a new software, by the car manufacturing giant Nissan, some security researchers have detected vulnerabilities in the mobile management APIs for the Nissan Leaf electric car.

These APIs allow any person with the knowledge of the VIN of a car to get access to features like climate regulation and battery charge management from anywhere across the World Wide Web. And VINs are something that is clearly visible to the entire world through the gar’s windshield.

[q]Attackers can access the Nissan Leaf via insecure APIs[/q]

One of the security researchers wrote in his blog post articulating that his main concern was with the “telematics system in the car” that is leaking the “historical driving data”.

[fullsquaread][/fullsquaread]

He continues to write that:

“That’s the details of every trip I’ve ever made in the car, including when I made it, how far I drove and even how efficiently I drove. This could easily be used to build up a profile of my driving habits, considering it goes back almost 2 years and predict when I will be away from home. This kind of data should be collected and secured with the utmost respect for my privacy.”

Using an embedded video, the two researchers, Scott Helme and Troy Hunt, described that the discovery was made by another person who attended a workshop along with them. And After his discovery, Hunt demonstrated that he was able to access Helme’s Nissan Leaf, sitting in England, ten thousand miles away from Australia.

The person who worked with them in the workshop went back to his hotel room the day he discovered that such access was possible and proxied his iPhone via the computer since the APIs that are used to access the Nissan Leaf cars work on both Android and iOS platforms.

While Hunt maintained that this would not necessarily turn out to be a life-threatening situation, hackers could, however, use this NissanConnect app to gain control over some features of Nissan’s electric car and mess around with some features.

Nissan acknowledged the fact that they were aware of such an issue and also mentioned that it doesn’t have any effect on the car’s safety, perhaps to stop customers from panicking. They said that they were looking into the issue and were ensuring to deliver “the best possible experience” for their customers.

[src src=”Top, Featured Image Via” url=”http://www.nissanusa.com/content/dam/nissan/vehicles/2016/leaf/overview/2016-nissan-leaf-rear-profile-black.jpg”]Nissan USA[/src] 

  • Tags
  • Android
  • APPS
  • Cars
  • hacking
  • Infosec
  • iOS
  • Securitu
  • Vehicles
Facebook Twitter LinkedIn Pinterest
Previous article Gay teacher fired after hackers post his sex video on school website
Next article Anonymous France’ Trio Due to be Sentenced in March for Targeting Police sites
Ali Raza

Ali Raza

Ali Raza is a freelance journalist with extensive experience in marketing and management. His work has been featured in many major crypto and tech websites including Hacked, Hackread, ValueWalk, Cryptoslate, CCN, and Globlecoinreport to name a few. Raza is the co-founder of 5Gist.com, too, a site dedicated to educating people on 5G technology.

Related Posts
WhatsApp Pink is malware spreading through group chats

WhatsApp Pink is malware spreading through group chats

2021 and Emerging Cybersecurity Threats

2021 and Emerging Cybersecurity Threats

Unpatched MS Exchange servers hit by cryptojacking malware

Unpatched MS Exchange servers hit by cryptojacking malware

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Hackers claims to be selling 13tb of Domino’s India data
Hacking News

Hackers claims to be selling 13tb of Domino’s India data

WhatsApp Pink is malware spreading through group chats
Security

WhatsApp Pink is malware spreading through group chats

A hacker claims to be selling sensitive data from OTP generating firm
Hacking News

A hacker claims to be selling sensitive data from OTP generating firm

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us